Skip to content

Commit 2e792c7

Browse files
ggreerggreer
authored
Revert "[BB-1449] Only grant active accounts" (#87)
1 parent a6414e4 commit 2e792c7

File tree

1 file changed

+1
-30
lines changed

1 file changed

+1
-30
lines changed

pkg/connector/account.go

Lines changed: 1 addition & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -247,8 +247,6 @@ func (o *accountResourceType) Grants(ctx context.Context, resource *v2.Resource,
247247
}
248248

249249
func (o *accountResourceType) Grant(ctx context.Context, principal *v2.Resource, entitlement *v2.Entitlement) (annotations.Annotations, error) {
250-
l := ctxzap.Extract(ctx)
251-
252250
principalType := awsSsoAdminTypes.PrincipalType("")
253251
principalId := ""
254252
switch principal.Id.ResourceType {
@@ -259,30 +257,6 @@ func (o *accountResourceType) Grant(ctx context.Context, principal *v2.Resource,
259257
return nil, err
260258
}
261259
principalId = ssoUserID
262-
263-
trait, err := resourceSdk.GetAppTrait(entitlement.Resource)
264-
if err != nil {
265-
return nil, err
266-
}
267-
268-
awsAccountId, ok := resourceSdk.GetProfileStringValue(trait.Profile, "aws_account_id")
269-
if !ok {
270-
return nil, fmt.Errorf("aws-connector: could not find aws_account_id in user profile")
271-
}
272-
273-
account, err := o.orgClient.DescribeAccount(ctx, &awsOrgs.DescribeAccountInput{
274-
AccountId: awsSdk.String(awsAccountId),
275-
})
276-
if err != nil {
277-
return nil, fmt.Errorf("aws-connector: describeAccount failed: %w", err)
278-
}
279-
280-
if account.Account.Status != types.AccountStatusActive {
281-
l.Info(fmt.Sprintf("aws-connector: account %s is not active, status: %s", principalId, account.Account.Status))
282-
283-
return nil, fmt.Errorf("aws-connector: account %s is not active", awsSdk.ToString(account.Account.Name))
284-
}
285-
286260
case resourceTypeSSOGroup.Id:
287261
principalType = awsSsoAdminTypes.PrincipalTypeGroup
288262
ssoGroupID, err := ssoGroupIdFromARN(principal.Id.Resource)
@@ -318,7 +292,7 @@ func (o *accountResourceType) Grant(ctx context.Context, principal *v2.Resource,
318292
annos.Append(reqId)
319293
}
320294

321-
l = l.With(
295+
l := ctxzap.Extract(ctx).With(
322296
zap.String("request_id", awsSdk.ToString(createOut.AccountAssignmentCreationStatus.RequestId)),
323297
zap.String("principal_id", awsSdk.ToString(createOut.AccountAssignmentCreationStatus.PrincipalId)),
324298
zap.String("principal_type", string(createOut.AccountAssignmentCreationStatus.PrincipalType)),
@@ -349,9 +323,6 @@ func (o *accountResourceType) Grant(ctx context.Context, principal *v2.Resource,
349323
l.Debug("aws-connector: waiting for account assignment creation to complete, checking status...")
350324
complete, err = o.checkCreateAccountAssignmentStatus(waitCtx, l, createOut.AccountAssignmentCreationStatus)
351325
if err != nil {
352-
if errors.Is(err, context.DeadlineExceeded) {
353-
return nil, fmt.Errorf("aws-connector: account assignment creation timed out: %w", err)
354-
}
355326
return nil, err
356327
}
357328
}

0 commit comments

Comments
 (0)